Skip to content

Release Notes

backend v0.1015.0 / frontend v0.819.0

  • Forge: you can now create scopes using tag-based filters.
  • Forge: newly created remediation scopes start in a paused state, so you can review them before they take effect.
  • Forge: target queries are now limited to your in-scope targets.
  • Windows winget remediations now reliably resolve winget on the system PATH.

backend v0.1010.0 / frontend v0.818.0

  • Data tables: wide tables now have a floating horizontal scrollbar so you can scroll across columns without jumping to the bottom of the page.
  • Agent downloads: hardened the agent download redirect endpoints against path-traversal in encoded URLs.
  • Scopes: the scope detail page now shows tag names instead of internal IDs.

backend v0.1009.0 / frontend v0.814.0

  • Knowledge Graph: node detail loads faster
  • General performance improvements

backend v0.1007.0 / frontend v0.813.0

  • Knowledge graph: in-flight graph data requests are now cancelled when you navigate away or close the page, avoiding wasted work.

backend v0.1003.0 / frontend v0.810.0

  • Security improvements from regular scans.
  • Endpoints: IP and MAC addresses now stay current as agents report changes, instead of occasionally going stale.
  • Findings: endpoint names now display correctly even when an endpoint has no IP address.

backend v0.997.0 / frontend v0.807.0

  • Findings: the Detected column is now sortable.
  • Sign-in and account screens now follow your dark-mode theme instead of always rendering in light mode.
  • Forge: cancelling a single endpoint in a multi-endpoint batch now cancels only that endpoint — the batch resumes and still returns results from the others.
  • Findings: when a data source stops reporting, its findings and targets are now closed on endpoints that other sources still report, instead of lingering as stale.
  • Targets: asset-identity matching now prefers an exact name match when multiple candidates tie, so assets reported by multiple sources are correlated more accurately.

backend v0.994.0 / frontend v0.805.0

  • Endpoints: the agent status column is now labeled “Agent health” and reports two distinct signals — whether the agent is active (checked in recently) and whether it is healthy (its two daemons are reporting in sync).
  • Security improvements from regular scans.
  • Forge: osquery and script commands are no longer sent to endpoints whose agent is inactive — previously the job would silently queue and time out after about 15 minutes. Forge now declines up front and explains why, so you can choose an active endpoint.
  • Forge: when a conversation’s messages fail to load, you now see an error you can retry instead of what looked like an empty conversation.

backend v0.990.0 / frontend v0.802.0

  • Integrations: deleting an integration now cleans up its associated operational data.

backend v0.986.0 / frontend v0.801.0

  • Forge: jobs can now dispatch across multiple endpoints in parallel, with a toggle to switch between parallel and sequential dispatch.
  • Endpoints: a dedicated, filterable Source column shows where each endpoint’s data comes from.
  • Endpoints: the page header now shows an at-a-glance summary of your agent fleet.
  • Endpoints: the +N source rollup now shows integration logos on hover, and the hostname column stays frozen in place as you scroll horizontally.
  • Endpoints: corrected the tooltip shown on the +N source rollup.

backend v0.983.0 / frontend v0.794.0

  • Dashboard: KPI tiles are now clickable and drill into the matching page, pre-filtered — for example, Actively exploited opens Findings filtered to known-exploited vulnerabilities, Closed remediation targets opens Targets filtered to closed, and Agents deployed opens Endpoints filtered to agent-managed hosts.
  • Endpoints: you can now export the Endpoints table to CSV.
  • Integrations: each connection can have its own data-source refresh interval, so you can tune how often Furl pulls from each source independently.
  • Dashboard: a new agent-coverage card shows how many endpoints don’t yet have an agent installed.
  • Memory: the memory your agent forms during its dreaming phase is now visible in the Memory tab.
  • Dashboard: the remediation-target tiles are now labeled “Open remediation targets” and “Closed remediation targets” for clarity.
  • Dashboard: clearer vulnerability tile labels (“Actively exploited vulnerabilities”, “Total vulnerabilities (all sources)”, “Furl-remediated targets”), a more logical tile order, and consistent alignment so values and trend graphs line up across each row.
  • Dashboard: vulnerability stats are clearer — resolved targets are split into “Remediated by Furl” and “Closed”, and the deduplicated tile is renamed “Unique vulnerabilities”.
  • Targets: the Validation column now uses clearer, consistent wording (unvalidated → validating → valid / not valid).
  • Dashboard: the Open remediation targets tile now shows the same count as the Targets page.
  • Validation: a finding is no longer marked invalid without corroborating evidence, preventing false negatives.

backend v0.973.0 / frontend v0.783.0

  • Targets: a new Open/Closed State column lets you filter and sort targets by whether they’re still open or have been closed.
  • Targets: the Validation column is simplified — the Status now reflects only terminal outcomes, and the in-progress validating state is collapsed into a cleaner indicator. Scope-only validation shows a read-only status.
  • Settings and in-app navigation load faster — fewer redirects reaching Settings and a cached user profile remove a round-trip on each navigation.
  • Vulnerability matching is more precise: CPE fallback matching now only applies to tokens that broaden the installed product, reducing false matches.
  • Logging out from the user menu now works reliably.
  • The app keeps its styling intact when an error page is shown.

backend v0.968.0 / frontend v0.777.0

  • Pages now refresh their data more reliably, and background polling pauses while you’re on another view — keeping what you see current without unnecessary requests.
  • Empty and error states across the app now show clear, plain-language messages instead of leaking internal technical text.

backend v0.966.0 / frontend v0.774.0

  • Remediation preflight now detects packages that are held back from upgrades (apt holds) on Linux endpoints, so blocked upgrades are surfaced before a fix is attempted.
  • Tables across the app use a consistent set of page-size options (10, 25, 50, 100).
  • Vulnerability matching identifies more products correctly: ambiguous vendor/product combinations now fall back to product-only matching, and product identifiers covered by known CVEs are preferred.
  • Finding-to-target links are now recorded consistently during vulnerability processing.
  • Forge: when multiple approvals are pending, each response is applied to the correct action.

backend v0.963.0 / frontend v0.774.0

  • Targets: faster, more consistent loading for large target sets — target lists, filters, and counts are now served from purpose-built tables.
  • Endpoints: software inventory reports are now processed by diffing against the previous snapshot instead of rewriting every record, reducing processing load for large fleets.
  • Tables across the app share consistent page-size options (10, 25, 50, 100) and default to 10 rows per page.
  • Vulnerability matching now recognizes more product version formats, and targets are no longer incorrectly closed as removed when an upstream CVE lookup briefly returns no results.
  • Vulnerability identity matching is more accurate: candidate software identities covered by the CVE are preferred, and vendor/product pairs with no match fall back to a product-only lookup.
  • Findings are now recorded even when no remediation target exists yet, and a finding that affects several pieces of software on one endpoint is linked to all of them.

backend v0.951.0 / frontend v0.772.0

  • A new overview dashboard surfaces KPI cards and a vulnerability/remediation trend at a glance.
  • Targets: the list now paginates, sorts, and filters on the server, so large target sets load quickly and every column stays sortable across pages.
  • Findings: the table now has per-column filters and a Source column showing where each finding came from.
  • Scopes: processed targets now distinguish targets you closed from those the remediation pipeline resolved, and the processed-targets CSV export includes the closed disposition and the time each target was closed.
  • Targets: the Urgency column now sorts in the correct order.

backend v0.940.0 / frontend v0.766.0 / agent v1.2.0

  • The macOS agent (v1.2.0) now supports Intel-based (amd64) Macs running macOS Sequoia and later.
  • Findings: table columns now keep a fixed width while you sort, so the column headers no longer shift around.
  • Targets: furl-detected remediation targets now dedupe consistently, so duplicate entries no longer appear across calculation cycles.
  • Vulnerability scanning now detects known CVEs for Windows applications whose version numbers carry extra trailing segments (such as 7-Zip), which were previously reported as having no known vulnerabilities.

backend v0.935.0 / frontend v0.765.0

  • Authoring a remediation subject in Forge now automatically rematches previously-unmatched targets to it, so newly-defined subjects immediately pick up the software already in your inventory.
  • Targets now match to remediation strategies using their native CPE and package URL (purl) identifiers, so more software is correctly paired with the right strategy.
  • Vulnerability scans run faster — identity resolution is batched and deduplicated, and probes are skipped for targets that can’t be remediated.
  • Known Exploited Vulnerability (KEV) indicators now render with the correct critical styling.

backend v0.924.0 / frontend v0.764.0

  • Targets: the list now sorts by highest CVSS score first by default, so the most severe targets surface at the top.
  • Severity and urgency indicators are now a single, consistent chip style across the app.
  • Fixed a sorted, filterable column header that was invisible in light mode.

backend v0.923.0 / frontend v0.757.0

  • Findings: a high-level metrics header now summarizes key counts at the top of the Findings page.
  • Integrations: endpoints imported from Qualys now include their hardware UUID and serial number — and use the correct hardware identifier on macOS — so they correlate with agent-managed endpoints instead of appearing as duplicates.
  • Forge: the size of a proposed reach change is now validated before it can be applied.

backend v0.910.0 / frontend v0.756.0

  • Scopes: you can now retry remediation across a scope’s targets — retry all of them, just the failed or blocked ones, or an individual target.
  • Targets: remediation targets and their findings now close automatically when the underlying software is removed from an endpoint — and reopen if it’s reinstalled — instead of lingering as active indefinitely.
  • Remediation: when a remediation is blocked during preflight checks, the blocking reason now surfaces instead of the attempt failing without explanation.

backend v0.906.0

  • Findings: improved CVE version matching so vulnerabilities are detected more accurately — affected software with open-ended version ranges, trailing-zero version numbers, and multi-segment versions now match correctly, reducing missed detections.

backend v0.905.0 / frontend v0.755.0

  • Scopes: new scopes are created in a paused state so you can review their configuration before any remediation activity begins; activate or resume them when ready.
  • Endpoints: the endpoint detail panel now includes a software inventory table listing the software installed on that endpoint.
  • Scopes: the Scopes page loads faster.
  • Targets: the Targets page loads faster.
  • Strategies: the strategies table now has a Created Date column.
  • Security: updated platform and agent dependencies to address known vulnerabilities.
  • Forge: vulnerability research now anchors to the current date — web search results are treated as current and up to date rather than relying on the model’s training data.
  • Forge: switching to a different session while one is running now prevents thrashing between them in the user interface.

frontend v0.747.0

  • Sign-in now returns you to the page you originally requested, instead of dropping you on the default landing page.

backend v0.891.0

  • Endpoints: agents are now matched by their hardware UUID, so two machines that share a hostname are tracked as separate endpoints instead of being merged into one.
  • Targets: filtering remediation targets by multiple values no longer fails.
  • Remediation: when a deployment step fails, the pipeline no longer runs verification against it.

backend v0.888.0 / frontend v0.746.0

  • Endpoints: endpoints can now be tagged automatically from agent configuration, so you can group and target them by tags set on the agent itself.
  • People: only real user accounts from endpoint agents are ingested as people now — service and machine accounts are filtered out — and each person is correctly linked to their endpoint.
  • Remediation: Windows preflight checks now correctly evaluate available disk space and pending-reboot status before a remediation runs.

backend v0.885.0 / frontend v0.745.0

  • Scopes: a new Processed Targets table shows the targets a scope has run through, with a CSV export of the current view.
  • Scopes: blocked targets now explain why they’re blocked, and admin approval gates can be approved inline without leaving the page.
  • Strategies: targets with no matched strategy now show a clear “No Strategy” pill instead of the misleading “Needs Review” label.
  • Targets: remediation targets that have no CVSS score now sort below those scored 0, rather than mixing in above them.
  • Strategies: the subject picker in the Create Strategy flow is usable again.

backend v0.876.0 / frontend v0.739.0

  • Scopes: an endpoint tags filter on the “Where to Remediate” step lets you target remediation by endpoint tag.

backend v0.875.0 / frontend v0.738.0

  • Targets: a CSV export button on the Remediation Targets table downloads the current filtered view.
  • Findings: the search bar now filters results server-side, matching how search works on other tables.
  • Endpoints and Findings: integration and scanner icons in table columns are right-aligned and collapse cleanly when many are present.
  • Severity badges across the app now use the style guide’s color variants consistently.
  • Scopes: the ticketing destination dropdown handles Freshservice’s flat ticketing model correctly.

backend v0.870.0 / frontend v0.733.0

  • Sidebar: a What’s New link now opens the release-notes page directly from the app.
  • Forge: endpoints flash green when a command completes against them, making it easier to see which hosts just finished.
  • Forge: the reach panel refreshes after the assistant makes scope or strategy changes, so the affected-endpoints count stays in sync with the conversation.

backend v0.862.0 / frontend v0.730.0

  • Desktop tray notifications for informational events, approval requests, and snoozed deferrals.
  • Multi-select column filters across Targets, Findings, and Endpoints — pick more than one value at a time and see them as pills above the table.
  • Column-bound filters (CVE, VSI, CVSS Score, and others) now live in each table’s column headers rather than a separate toolbar.
  • Tables remember column visibility, page size, and active filters across refreshes — each table has its own scoped settings.
  • Active filters collapse to a summary pill when more than three values are selected.
  • Targets: Coverage card moved above the toolbar for clearer reading.
  • Strategies: enable/disable toggle moved into the secondary toolbar row alongside other table controls.
  • Unified search behavior across tables — press Enter or click Apply to submit, with a Reset-to-default control.
  • Targets: Software Vendor and Software Name filters include targets that only have attribute-level vendor or product data.
  • Tables: column-header filter dropdowns stay open across data refreshes.
  • Endpoints: Columns dropdown shows up even when the global search bar is hidden.

backend v0.856.0 / frontend v0.727.0

  • Forge streams the assistant’s response incrementally — text, tool calls, and approval state appear as they happen rather than after completion.
  • Forge: new user messages are now rejected while a tool call or interrupt is in flight, and when the last message isn’t from the assistant.
  • Forge: reach-panel job state pills show human-readable labels.
  • Endpoint owner lookup repaired (filters out stale and non-furl owners), restoring correct exception routing.